Best practices to survive a DDoS attack

Surviving a DDoS attack without an outage requires planning and coordination with your DDoS mitigation service. The coordination steps include:

  • With the DDoS mitigation service active, verify that all applications are performing properly;
  • Verify that all routing and DNS are working;
  • Generate a few gigabits of controlled traffic to validate the alerting, activation and mitigation features of the service;
  • Test small levels of traffic without scrubbing and without any DDoS protection to validate that your on-premises monitoring systems are functioning correctly. This action will also help you identify the stress points on your network;
  • Conduct baseline testing and calibrate systems to remediate vulnerabilities;
  • Schedule validation tests on a regular basis with your DDoS mitigation service provider;
  • Develop a DDoS mitigation playbook to ensure that everyone in the organization knows what to do and what to expect when a distributed denial of service (DDoS) attack hits.

Prepare for DDoS survival with a playbook

Winning sports teams don’t ad lib or panic on the field when the opposing team launches a surprise offensive play. They have a well-rehearsed playbook (also called a runbook) with defensive moves that have been developed based on expertise and experience. A similar type of playbook can be essential to a controlled, streamlined response to a DDoS attack.

IT management should talk to the DDoS mitigation services provider before an attack occurs. Ask questions and discuss all of the possible DDoS scenarios and threats that the company could experience.

Test and validate your DDoS monitoring and mitigation services: how they affect your network when activated, and how effective they are in defending against cyber-attacks. More importantly, a strong operational plan for smooth service activation and communication while under DDoS attack should be an integral part of an organization’s DDoS survival plan.

Regularly evaluate the capabilities of your DDoS mitigation service provider. The vendor must be able to serve many clients simultaneously – an important factor to consider as the occurrences of DDoS attacks escalate.

When everyone in the organization, not just IT, understands what is involved in surviving a DDoS attack, they will be able to respond with more confidence, control and calm, knowing they are part of a well-practiced plan. As a result, the DDoS mitigation process will go more smoothly, with minimal downtime and a faster return to business as usual.

You can survive a DDoS attack, but it requires planning and practice.

Ready to learn more about DDoS survival?

The State of the Internet site provides resources to help enterprises understand and mitigate DDoS attacks:

  • DDoS threat advisories;
  • DDoS white papers;
  • DDoS trends and statistics;
  • Blogs: Insight into current cybersecurity issues;
  • Global map of DDoS attacks;
  • About DDoS protection;
  • FAQs and best practices.